- Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure)
- [auth.c session.c sshd.c auth.h]
split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal
- [bufaux.c bufaux.h]
support ssh2 bignums
- [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c]
[readconf.c ssh.c ssh.h serverloop.c]
replace big switch() with function tables (prepare for ssh2)
- [ssh2.h]
ssh2 message type codes
- [sshd.8]
reorder Xr to avoid cutting
- [serverloop.c]
close(fdin) if fdin != fdout, shutdown otherwise, ok theo@
- [channels.c]
missing close
allow bigger packets
- [cipher.c cipher.h]
support ssh2 ciphers
- [compress.c]
cleanup, less code
- [dispatch.c dispatch.h]
function tables for different message types
- [log-server.c]
do not log() if debuggin to stderr
rename a cpp symbol, to avoid param.h collision
- [mpaux.c]
KNF
- [nchan.c]
sync w/ channels.c
diff --git a/channels.h b/channels.h
index f8bca5c..73ff5a5 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
-/* RCSID("$Id: channels.h,v 1.4 1999/11/25 00:54:58 damien Exp $"); */
+/* RCSID("$Id: channels.h,v 1.5 2000/04/01 01:09:23 damien Exp $"); */
#ifndef CHANNELS_H
#define CHANNELS_H
@@ -10,17 +10,18 @@
#define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */
#define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */
#define SSH_CHANNEL_CLOSED 5 /* waiting for close confirmation */
-/* SSH_CHANNEL_AUTH_FD 6 authentication fd */
-#define SSH_CHANNEL_AUTH_SOCKET 7 /* authentication socket */
-/* SSH_CHANNEL_AUTH_SOCKET_FD 8 connection to auth socket */
-#define SSH_CHANNEL_X11_OPEN 9 /* reading first X11 packet */
-#define SSH_CHANNEL_INPUT_DRAINING 10 /* sending remaining data to conn */
-#define SSH_CHANNEL_OUTPUT_DRAINING 11 /* sending remaining data to app */
+#define SSH_CHANNEL_AUTH_SOCKET 6 /* authentication socket */
+#define SSH_CHANNEL_X11_OPEN 7 /* reading first X11 packet */
+#define SSH_CHANNEL_INPUT_DRAINING 8 /* sending remaining data to conn */
+#define SSH_CHANNEL_OUTPUT_DRAINING 9 /* sending remaining data to app */
+#define SSH_CHANNEL_LARVAL 10 /* larval session */
+#define SSH_CHANNEL_MAX_TYPE 11
/*
* Data structure for channel data. This is iniailized in channel_allocate
* and cleared in channel_free.
*/
+typedef void channel_callback_fn(int id, void *arg);
typedef struct Channel {
int type; /* channel type/state */
@@ -29,15 +30,192 @@
/* peer can be reached over encrypted connection, via packet-sent */
int istate; /* input from channel (state of receive half) */
int ostate; /* output to channel (state of transmit half) */
- int sock; /* data socket, linked to this channel */
+ int rfd; /* read fd */
+ int wfd; /* write fd */
+ int efd; /* extended fd */
+ int sock; /* sock fd */
Buffer input; /* data read from socket, to be sent over
* encrypted connection */
Buffer output; /* data received over encrypted connection for
* send on socket */
+ Buffer extended;
char path[200]; /* path for unix domain sockets, or host name
* for forwards */
int listening_port; /* port being listened for forwards */
int host_port; /* remote port to connect for forwards */
char *remote_name; /* remote hostname */
+
+ int remote_window;
+ int remote_maxpacket;
+ int local_window;
+ int local_window_max;
+ int local_consumed;
+ int local_maxpacket;
+ int extended_usage;
+
+ char *ctype; /* type */
+
+ // callback
+ channel_callback_fn *cb_fn;
+ void *cb_arg;
+ int cb_event;
+ channel_callback_fn *dettach_user;
} Channel;
+
+#define CHAN_EXTENDED_IGNORE 0
+#define CHAN_EXTENDED_READ 1
+#define CHAN_EXTENDED_WRITE 2
+
+void channel_open(int id);
+Channel *channel_lookup(int id);
+
+int
+channel_new(char *ctype, int type, int rfd, int wfd, int efd,
+ int window, int maxpack, int extended_usage, char *remote_name);
+
+void channel_input_close(int type, int plen);
+void channel_input_close_confirmation(int type, int plen);
+void channel_input_data(int type, int plen);
+void channel_input_ieof(int type, int plen);
+void channel_input_oclose(int type, int plen);
+void channel_input_open_confirmation(int type, int plen);
+void channel_input_open_failure(int type, int plen);
+void channel_input_port_open(int type, int plen);
+void channel_input_open(int type, int plen);
+
+/* Sets specific protocol options. */
+void channel_set_options(int hostname_in_open);
+
+/*
+ * Allocate a new channel object and set its type and socket. Remote_name
+ * must have been allocated with xmalloc; this will free it when the channel
+ * is freed.
+ */
+int channel_allocate(int type, int sock, char *remote_name);
+
+/* Free the channel and close its socket. */
+void channel_free(int channel);
+
+/* Add any bits relevant to channels in select bitmasks. */
+void channel_prepare_select(fd_set * readset, fd_set * writeset);
+
+/*
+ * After select, perform any appropriate operations for channels which have
+ * events pending.
+ */
+void channel_after_select(fd_set * readset, fd_set * writeset);
+
+/* If there is data to send to the connection, send some of it now. */
+void channel_output_poll(void);
+
+/* Returns true if no channel has too much buffered data. */
+int channel_not_very_much_buffered_data(void);
+
+/* This closes any sockets that are listening for connections; this removes
+ any unix domain sockets. */
+void channel_stop_listening(void);
+
+/*
+ * Closes the sockets of all channels. This is used to close extra file
+ * descriptors after a fork.
+ */
+void channel_close_all(void);
+
+/* Returns the maximum file descriptor number used by the channels. */
+int channel_max_fd(void);
+
+/* Returns true if there is still an open channel over the connection. */
+int channel_still_open(void);
+
+/*
+ * Returns a string containing a list of all open channels. The list is
+ * suitable for displaying to the user. It uses crlf instead of newlines.
+ * The caller should free the string with xfree.
+ */
+char *channel_open_message(void);
+
+/*
+ * Initiate forwarding of connections to local port "port" through the secure
+ * channel to host:port from remote side. This never returns if there was an
+ * error.
+ */
+void
+channel_request_local_forwarding(u_short port, const char *host,
+ u_short remote_port, int gateway_ports);
+
+/*
+ * Initiate forwarding of connections to port "port" on remote host through
+ * the secure channel to host:port from local side. This never returns if
+ * there was an error. This registers that open requests for that port are
+ * permitted.
+ */
+void
+channel_request_remote_forwarding(u_short port, const char *host,
+ u_short remote_port);
+
+/*
+ * Permits opening to any host/port in SSH_MSG_PORT_OPEN. This is usually
+ * called by the server, because the user could connect to any port anyway,
+ * and the server has no way to know but to trust the client anyway.
+ */
+void channel_permit_all_opens(void);
+
+/*
+ * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates
+ * listening for the port, and sends back a success reply (or disconnect
+ * message if there was an error). This never returns if there was an error.
+ */
+void channel_input_port_forward_request(int is_root);
+
+/*
+ * Creates a port for X11 connections, and starts listening for it. Returns
+ * the display name, or NULL if an error was encountered.
+ */
+char *x11_create_display(int screen);
+
+/*
+ * Creates an internet domain socket for listening for X11 connections.
+ * Returns a suitable value for the DISPLAY variable, or NULL if an error
+ * occurs.
+ */
+char *x11_create_display_inet(int screen, int x11_display_offset);
+
+/*
+ * This is called when SSH_SMSG_X11_OPEN is received. The packet contains
+ * the remote channel number. We should do whatever we want, and respond
+ * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
+ */
+void x11_input_open(int type, int plen);
+
+/*
+ * Requests forwarding of X11 connections. This should be called on the
+ * client only.
+ */
+void x11_request_forwarding(void);
+
+/*
+ * Requests forwarding for X11 connections, with authentication spoofing.
+ * This should be called in the client only.
+ */
+void x11_request_forwarding_with_spoofing(const char *proto, const char *data);
+
+/* Sends a message to the server to request authentication fd forwarding. */
+void auth_request_forwarding(void);
+
+/*
+ * Returns the name of the forwarded authentication socket. Returns NULL if
+ * there is no forwarded authentication socket. The returned value points to
+ * a static buffer.
+ */
+char *auth_get_socket_name(void);
+
+/*
+ * This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
+ * This starts forwarding authentication requests.
+ */
+void auth_input_request_forwarding(struct passwd * pw);
+
+/* This is called to process an SSH_SMSG_AGENT_OPEN message. */
+void auth_input_open_request(int type, int plen);
+
#endif